summaryrefslogtreecommitdiff
path: root/src/libsystemd
diff options
context:
space:
mode:
Diffstat (limited to 'src/libsystemd')
-rw-r--r--src/libsystemd/sd-bus/bus-bloom.c10
-rw-r--r--src/libsystemd/sd-bus/bus-container.c2
-rw-r--r--src/libsystemd/sd-bus/bus-control.c23
-rw-r--r--src/libsystemd/sd-bus/bus-internal.c30
-rw-r--r--src/libsystemd/sd-bus/bus-socket.c16
-rw-r--r--src/libsystemd/sd-bus/test-bus-kernel-bloom.c25
-rw-r--r--src/libsystemd/sd-bus/test-bus-signature.c13
-rw-r--r--src/libsystemd/sd-rtnl/rtnl-message.c2
8 files changed, 92 insertions, 29 deletions
diff --git a/src/libsystemd/sd-bus/bus-bloom.c b/src/libsystemd/sd-bus/bus-bloom.c
index 3556774074..91fab90cb0 100644
--- a/src/libsystemd/sd-bus/bus-bloom.c
+++ b/src/libsystemd/sd-bus/bus-bloom.c
@@ -116,11 +116,19 @@ void bloom_add_prefixes(uint64_t filter[], size_t size, unsigned k, const char *
p = stpcpy(stpcpy(c, a), ":");
strcpy(p, b);
+ bloom_add_data(filter, size, k, c, n);
+
for (;;) {
char *e;
e = strrchr(p, sep);
- if (!e || e == p)
+ if (!e)
+ break;
+
+ *(e + 1) = 0;
+ bloom_add_data(filter, size, k, c, e - c + 1);
+
+ if (e == p)
break;
*e = 0;
diff --git a/src/libsystemd/sd-bus/bus-container.c b/src/libsystemd/sd-bus/bus-container.c
index f157c25bba..fa7a207448 100644
--- a/src/libsystemd/sd-bus/bus-container.c
+++ b/src/libsystemd/sd-bus/bus-container.c
@@ -222,7 +222,7 @@ int bus_container_connect_kernel(sd_bus *b) {
if (recvmsg(pair[0], &mh, MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) < 0)
return -errno;
- for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg))
+ CMSG_FOREACH(cmsg, &mh)
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
int *fds;
unsigned n_fds;
diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c
index 1103903358..7a59702cb2 100644
--- a/src/libsystemd/sd-bus/bus-control.c
+++ b/src/libsystemd/sd-bus/bus-control.c
@@ -1291,10 +1291,8 @@ int bus_add_match_internal_kernel(
break;
case BUS_MATCH_PATH_NAMESPACE:
- if (!streq(c->value_str, "/")) {
- bloom_add_pair(bloom, bus->bloom_size, bus->bloom_n_hash, "path-slash-prefix", c->value_str);
- using_bloom = true;
- }
+ bloom_add_pair(bloom, bus->bloom_size, bus->bloom_n_hash, "path-slash-prefix", c->value_str);
+ using_bloom = true;
break;
case BUS_MATCH_ARG...BUS_MATCH_ARG_LAST: {
@@ -1310,11 +1308,18 @@ int bus_add_match_internal_kernel(
}
case BUS_MATCH_ARG_PATH...BUS_MATCH_ARG_PATH_LAST: {
- char buf[sizeof("arg")-1 + 2 + sizeof("-slash-prefix")];
-
- xsprintf(buf, "arg%i-slash-prefix", c->type - BUS_MATCH_ARG_PATH);
- bloom_add_pair(bloom, bus->bloom_size, bus->bloom_n_hash, buf, c->value_str);
- using_bloom = true;
+ /*
+ * XXX: DBus spec defines arg[0..63]path= matching to be
+ * a two-way glob. That is, if either string is a prefix
+ * of the other, it matches.
+ * This is really hard to realize in bloom-filters, as
+ * we would have to create a bloom-match for each prefix
+ * of @c->value_str. This is excessive, hence we just
+ * ignore all those matches and accept everything from
+ * the kernel. People should really avoid those matches.
+ * If they're used in real-life some day, we will have
+ * to properly support multiple-matches here.
+ */
break;
}
diff --git a/src/libsystemd/sd-bus/bus-internal.c b/src/libsystemd/sd-bus/bus-internal.c
index 91b288cd25..37793e48ed 100644
--- a/src/libsystemd/sd-bus/bus-internal.c
+++ b/src/libsystemd/sd-bus/bus-internal.c
@@ -211,6 +211,17 @@ bool member_name_is_valid(const char *p) {
return true;
}
+/*
+ * Complex pattern match
+ * This checks whether @a is a 'complex-prefix' of @b, or @b is a
+ * 'complex-prefix' of @a, based on strings that consist of labels with @c as
+ * spearator. This function returns true if:
+ * - both strings are equal
+ * - either is a prefix of the other and ends with @c
+ * The second rule makes sure that either string needs to be fully included in
+ * the other, and the string which is considered the prefix needs to end with a
+ * separator.
+ */
static bool complex_pattern_check(char c, const char *a, const char *b) {
bool separator = false;
@@ -222,9 +233,7 @@ static bool complex_pattern_check(char c, const char *a, const char *b) {
for (;;) {
if (*a != *b)
- return (separator && (*a == 0 || *b == 0)) ||
- (*a == 0 && *b == c && b[1] == 0) ||
- (*b == 0 && *a == c && a[1] == 0);
+ return (separator && (*a == 0 || *b == 0));
if (*a == 0)
return true;
@@ -243,7 +252,18 @@ bool path_complex_pattern(const char *pattern, const char *value) {
return complex_pattern_check('/', pattern, value);
}
+/*
+ * Simple pattern match
+ * This checks whether @a is a 'simple-prefix' of @b, based on strings that
+ * consist of labels with @c as separator. This function returns true, if:
+ * - if @a and @b are equal
+ * - if @a is a prefix of @b, and the first following character in @b (or the
+ * last character in @a) is @c
+ * The second rule basically makes sure that if @a is a prefix of @b, then @b
+ * must follow with a new label separated by @c. It cannot extend the label.
+ */
static bool simple_pattern_check(char c, const char *a, const char *b) {
+ bool separator = false;
if (!a && !b)
return true;
@@ -253,11 +273,13 @@ static bool simple_pattern_check(char c, const char *a, const char *b) {
for (;;) {
if (*a != *b)
- return *a == 0 && *b == c;
+ return *a == 0 && (*b == c || separator);
if (*a == 0)
return true;
+ separator = *a == c;
+
a++, b++;
}
}
diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
index 9f3756f0c2..322d57ddbb 100644
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
@@ -502,7 +502,6 @@ static int bus_socket_read_auth(sd_bus *b) {
struct cmsghdr cmsghdr;
uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX)];
} control;
- struct cmsghdr *cmsg;
bool handle_cmsg = false;
assert(b);
@@ -552,8 +551,10 @@ static int bus_socket_read_auth(sd_bus *b) {
b->rbuffer_size += k;
- if (handle_cmsg)
- for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg))
+ if (handle_cmsg) {
+ struct cmsghdr *cmsg;
+
+ CMSG_FOREACH(cmsg, &mh)
if (cmsg->cmsg_level == SOL_SOCKET &&
cmsg->cmsg_type == SCM_RIGHTS) {
int j;
@@ -567,6 +568,7 @@ static int bus_socket_read_auth(sd_bus *b) {
} else
log_debug("Got unexpected auxiliary data with level=%d and type=%d",
cmsg->cmsg_level, cmsg->cmsg_type);
+ }
r = bus_socket_auth_verify(b);
if (r != 0)
@@ -916,7 +918,6 @@ int bus_socket_read_message(sd_bus *bus) {
struct cmsghdr cmsghdr;
uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX)];
} control;
- struct cmsghdr *cmsg;
bool handle_cmsg = false;
assert(bus);
@@ -961,8 +962,10 @@ int bus_socket_read_message(sd_bus *bus) {
bus->rbuffer_size += k;
- if (handle_cmsg)
- for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg))
+ if (handle_cmsg) {
+ struct cmsghdr *cmsg;
+
+ CMSG_FOREACH(cmsg, &mh)
if (cmsg->cmsg_level == SOL_SOCKET &&
cmsg->cmsg_type == SCM_RIGHTS) {
int n, *f;
@@ -990,6 +993,7 @@ int bus_socket_read_message(sd_bus *bus) {
} else
log_debug("Got unexpected auxiliary data with level=%d and type=%d",
cmsg->cmsg_level, cmsg->cmsg_type);
+ }
r = bus_socket_read_message_need(bus, &need);
if (r < 0)
diff --git a/src/libsystemd/sd-bus/test-bus-kernel-bloom.c b/src/libsystemd/sd-bus/test-bus-kernel-bloom.c
index b11c43bd7b..90eb1f2a33 100644
--- a/src/libsystemd/sd-bus/test-bus-kernel-bloom.c
+++ b/src/libsystemd/sd-bus/test-bus-kernel-bloom.c
@@ -26,6 +26,14 @@
#include "bus-kernel.h"
#include "bus-util.h"
+static int test_match(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
+ int *found = userdata;
+
+ *found = 1;
+
+ return 0;
+}
+
static void test_one(
const char *path,
const char *interface,
@@ -39,7 +47,7 @@ static void test_one(
_cleanup_free_ char *name = NULL, *bus_name = NULL, *address = NULL;
_cleanup_bus_message_unref_ sd_bus_message *m = NULL;
sd_bus *a, *b;
- int r;
+ int r, found = 0;
assert_se(asprintf(&name, "deine-mutter-%u", (unsigned) getpid()) >= 0);
@@ -71,7 +79,7 @@ static void test_one(
assert_se(r >= 0);
log_debug("match");
- r = sd_bus_add_match(b, NULL, match, NULL, NULL);
+ r = sd_bus_add_match(b, NULL, match, test_match, &found);
assert_se(r >= 0);
log_debug("signal");
@@ -83,7 +91,7 @@ static void test_one(
assert_se(r >= 0);
r = sd_bus_process(b, &m);
- assert_se(r >= 0 && (good == !!m));
+ assert_se(r >= 0 && good == !!found);
sd_bus_unref(a);
sd_bus_unref(b);
@@ -115,6 +123,17 @@ int main(int argc, char *argv[]) {
test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "foobar", "path_namespace='/foo'", true);
test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "foobar", "path_namespace='/'", true);
test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "foobar", "path_namespace='/quux'", false);
+ test_one("/", "waldo.com", "Piep", false, "foobar", "path_namespace='/'", true);
+
+ test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "foobar", "path='/foo/bar/waldo/'", false);
+ test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "foobar", "path='/foo/'", false);
+ test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "foobar", "path_namespace='/foo/bar/waldo/'", false);
+ test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "foobar", "path_namespace='/foo/'", true);
+
+ test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "/foo/bar/waldo", "arg0path='/foo/'", true);
+ test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "/foo", "arg0path='/foo'", true);
+ test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "/foo", "arg0path='/foo/bar/waldo'", false);
+ test_one("/foo/bar/waldo", "waldo.com", "Piep", false, "/foo/", "arg0path='/foo/bar/waldo'", true);
return 0;
}
diff --git a/src/libsystemd/sd-bus/test-bus-signature.c b/src/libsystemd/sd-bus/test-bus-signature.c
index 4165c9273a..17c6188ca0 100644
--- a/src/libsystemd/sd-bus/test-bus-signature.c
+++ b/src/libsystemd/sd-bus/test-bus-signature.c
@@ -95,23 +95,28 @@ int main(int argc, char *argv[]) {
assert_se(!namespace_complex_pattern("foo.", ""));
assert_se(path_complex_pattern("", ""));
- assert_se(path_complex_pattern("", "/"));
- assert_se(path_complex_pattern("/", ""));
+ assert_se(!path_complex_pattern("", "/"));
+ assert_se(!path_complex_pattern("/", ""));
assert_se(path_complex_pattern("/", "/"));
assert_se(path_complex_pattern("/foobar/", "/"));
- assert_se(path_complex_pattern("/foobar/", "/foobar"));
+ assert_se(!path_complex_pattern("/foobar/", "/foobar"));
assert_se(path_complex_pattern("/foobar", "/foobar"));
- assert_se(path_complex_pattern("/foobar", "/foobar/"));
+ assert_se(!path_complex_pattern("/foobar", "/foobar/"));
assert_se(!path_complex_pattern("/foobar", "/foobar/waldo"));
assert_se(path_complex_pattern("/foobar/", "/foobar/waldo"));
+ assert_se(path_complex_pattern("/foobar/waldo", "/foobar/"));
+
+ assert_se(path_simple_pattern("/foo/", "/foo/bar/waldo"));
assert_se(namespace_simple_pattern("", ""));
+ assert_se(namespace_simple_pattern("", ".foobar"));
assert_se(namespace_simple_pattern("foobar", "foobar"));
assert_se(namespace_simple_pattern("foobar.waldo", "foobar.waldo"));
assert_se(namespace_simple_pattern("foobar", "foobar.waldo"));
assert_se(!namespace_simple_pattern("foobar.waldo", "foobar"));
assert_se(!namespace_simple_pattern("", "foo"));
assert_se(!namespace_simple_pattern("foo", ""));
+ assert_se(namespace_simple_pattern("foo.", "foo.bar.waldo"));
assert_se(streq(object_path_startswith("/foo/bar", "/foo"), "bar"));
assert_se(streq(object_path_startswith("/foo", "/foo"), ""));
diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c
index bab2a4ff08..9dcf7df559 100644
--- a/src/libsystemd/sd-rtnl/rtnl-message.c
+++ b/src/libsystemd/sd-rtnl/rtnl-message.c
@@ -1442,7 +1442,7 @@ static int socket_recv_message(int fd, struct iovec *iov, uint32_t *_group, bool
return (errno == EAGAIN || errno == EINTR) ? 0 : -errno;
}
- for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+ CMSG_FOREACH(cmsg, &msg) {
if (cmsg->cmsg_level == SOL_SOCKET &&
cmsg->cmsg_type == SCM_CREDENTIALS &&
cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {